Postfix stable release 2.10.1, and legacy releases 2.9.7, 2.8.15,
2.7.14 are available. They contain fixes and workarounds that are
also part of Postfix 2.11.

Postfix 2.10 only:

Workaround: down-stream maintainers fail to install the
new smtpd_relay_restrictions safety net, causing breakage that could
have been avoided. We now hard-code the safety net instead.

See the RELEASE_NOTES file for more details.

All supported releases:

Bugfix (introduced: Postfix 2.0): when myhostname is not
listed in mydestination, the trivial-rewrite resolver may log "do
not list <myhostname value> in both mydestination and <name of
non-mydestination domain list>". The fix is to re-resolve a
domain-less address after adding $myhostname as the surrogate domain,
so that it pops out with the right address-class label. Reported
by Quanah Gibson-Mount.

Bugfix (introduced: Postfix 2.3): don't reuse TCP connections
when smtp_tls_policy_maps is specified. TLS policies may depend on
the remote destination, but the Postfix &lt 2.11 SMTP connection cache
client does not distinguish between different destinations that
resolve to the same IP address. Victor Duchovni. Found during
Postfix 2.11 code maintenance.

Bugfix (introduced: Postfix 2.2): don't reuse TCP connections
when SASL authentication is enabled. SASL passwords may depend on
the remote SMTP server hostname, but the Postfix &lt 2.11 SMTP
connection cache client does not distinguish between different
hostnames that resolve to the same IP address. Found during Postfix
2.11 code maintenance.